Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack_lsm.c Create Date:2022-07-28 19:20:21
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:smack_bprm_set_creds - set creds for exec*@bprm: the exec information* Returns 0 if it gets a blob, -EPERM if exec forbidden and -ENOMEM otherwise

Proto:static int smack_bprm_set_creds(struct linux_binprm *bprm)

Type:int

Parameter:

TypeParameterName
struct linux_binprm *bprm
906  inode = file_inode(file)
907  bsp = smack_cred(w credentials )
912  If called_set_creds Then Return 0
915  isp = smack_inode(inode)
916  If label of the task == NULL || label of the task == label for access control Then Return 0
919  sbsp = s_security
920  If smk_flags & SMK_SB_UNTRUSTED && label of the task != smk_root Then Return 0
924  If how unsafe this exec is (mask of LSM_UNSAFE_*) & LSM_UNSAFE_PTRACE Then
926  rc = 0
928  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
929  tracer = ptrace_parent - return the task that is tracing the given task*@task: task to consider* Returns %NULL if no one is tracing @task, or the &struct task_struct* pointer to its tracer.* Must called under rcu_read_lock(). The pointer returned might be kept
930  If Value is more likely to compile time(tracer != NULL) Then rc = smk_ptrace_rule_check - helper for ptrace access*@tracer: tracer process*@tracee_known: label entry of the process that's about to be traced*@mode: ptrace attachment mode (PTRACE_MODE_*)*@func: name of the function that called us, used for audit* Returns
935  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
937  If rc != 0 Then Return rc
940  If how unsafe this exec is (mask of LSM_UNSAFE_*) & ~LSM_UNSAFE_PTRACE Then Return -EPERM
943  label for access control = label of the task
944  s to clear in current->personality |= Security-relevant compatibility flags that must be* cleared upon setuid or setgid exec:
947  If label for access control != label when forked Then secureexec = 1
950  Return 0